Security Ecosystem at Veeam

Veeam’s product development and collaboration pace with security vendors is not just a differentiator, it’s a trust signal. Veeam has proven to innovate fast and integrate wide. This session highlights these integrations, iteration velocity and the breadth of the ecosystem. Veeam emphasizes its “power of three” strategy, extending beyond internal innovation to encompass robust partnerships with over 65 security vendors, including major players like Palo Alto, CrowdStrike, Splunk, and Sophos. This extensive ecosystem allows organizations to leverage their existing security investments by feeding information directly from Veeam’s data protection platform into their chosen security tools. The Veeam CyberSecure program, which includes advanced capabilities, incident response retainers, and a ransomware recovery warranty with zero claims to date, further underscores their commitment to data safety.

Veeam provides comprehensive monitoring and reporting through Veeam ONE, which tracks hypervisor, cloud workloads, and Microsoft 365 backup products. This critical data is fed into security partners’ platforms, offering insights into anomalies such as unusual data read-write rates or suspicious login attempts, enabling quicker threat notification. Veeam supports various event types, from malware detection to overall system overviews, making this information available via Syslog and JSON formats. This allows customers to filter events based on their needs and avoid alert fatigue, integrating seamlessly with any Security Information and Event Management (SIEM) tool, including free options. Notably, Veeam makes its documentation publicly accessible, reflecting its commitment to transparency and empowering users.

A key aspect of Veeam’s integration strategy is its recent collaboration with CrowdStrike, offering dashboards for data protection monitoring and security events within the CrowdStrike platform. These pre-built dashboards provide a high-level overview of security events within the Veeam environment, allowing users to drill down for detailed information. Furthermore, Veeam’s integration with Palo Alto XSOAR enables automated playbooks, such as initiating instant VM recovery or deploying security agents on compromised machines. This bidirectional communication helps orchestrate responses across data protection and security operations, enabling security analysts to build customized workflows, even without direct experience with Veeam’s application, as demonstrated by a customer who leveraged Veeam events in Splunk to drive Palo Alto XSOAR automations.